Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91F006D/3C100C9298BE11EEB1DDE835C4F9AE02/4204EB5C98C011EE8589663CC4F9AE02.roa
File: 4204EB5C98C011EE8589663CC4F9AE02.roa (raw, json)
Hash identifier: SEzyS++gZTgeMzz7H4v5tKJ8pUzrfoIFH4h+KReLmkQ=
Subject key identifier: C2:D8:2E:91:FC:A2:F2:F4:F8:AB:C5:C3:1E:84:88:9C:1B:4F:ED:EE
Certificate issuer: /CN=A91F006D/serialNumber=46F972D7B83DCA061DB9DFAAF0177F2DDF1EE90A
Certificate serial: 06
Authority key identifier: 46:F9:72:D7:B8:3D:CA:06:1D:B9:DF:AA:F0:17:7F:2D:DF:1E:E9:0A
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Rvly17g9ygYdud-q8Bd_Ld8e6Qo.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91F006D/3C100C9298BE11EEB1DDE835C4F9AE02/4204EB5C98C011EE8589663CC4F9AE02.roa
Signing time: Tue 12 Dec 2023 07:36:18 +0000
ROA not before: Tue 12 Dec 2023 07:36:18 +0000
ROA not after: Sun 02 Mar 2025 00:00:00 +0000
asID: 137970
IP address blocks: 36.50.74.0/23 maxlen: 24
36.50.74.0/24 maxlen: 24
2001:df3:43c0::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6 (0x6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F006D, serialNumber=46F972D7B83DCA061DB9DFAAF0177F2DDF1EE90A
Validity
Not Before: Dec 12 07:36:18 2023 GMT
Not After : Mar 2 00:00:00 2025 GMT
Subject: CN=65780d72-97d5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:a0:0b:6a:45:e4:b7:93:1b:a3:75:5a:5b:f1:
5d:40:e2:d3:c4:0a:dd:36:8a:f8:ff:73:4d:e6:12:
3a:25:33:64:f4:f9:9f:05:cc:fb:95:e3:41:06:da:
9f:07:73:97:c0:fc:6e:4b:01:1e:ab:dc:4b:94:2f:
59:7e:e6:78:36:36:b3:fd:e8:81:40:dc:a2:04:dd:
99:b6:78:51:ae:5e:e3:76:8c:2b:eb:93:f3:d6:b7:
6c:07:96:99:cf:d2:a4:1d:2b:a3:f5:91:69:89:96:
1b:3f:e1:32:f5:81:97:b8:32:f8:14:cc:87:5e:ea:
1d:c8:ca:53:ed:df:71:6f:1f:f8:66:ea:a7:55:f9:
0e:b1:ad:d0:ed:70:cf:b7:b4:36:6d:44:b2:29:dd:
b7:64:5d:60:b6:9e:40:f9:c8:7f:ca:e5:b5:a1:e7:
30:a8:95:e2:76:55:15:3d:95:51:3e:46:7e:41:c9:
14:86:43:0d:d2:e9:d3:6b:2a:ee:1b:6a:52:f2:16:
a3:90:2e:78:39:15:a8:ce:74:62:0b:dd:7b:a0:14:
bd:8b:71:f3:bf:b4:ae:e7:03:29:df:3e:09:ba:eb:
a0:cf:12:a6:72:0a:62:76:db:88:32:bb:c2:83:39:
97:92:4c:45:72:14:70:c9:42:5e:7a:ee:61:2b:70:
5f:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:D8:2E:91:FC:A2:F2:F4:F8:AB:C5:C3:1E:84:88:9C:1B:4F:ED:EE
X509v3 Authority Key Identifier:
keyid:46:F9:72:D7:B8:3D:CA:06:1D:B9:DF:AA:F0:17:7F:2D:DF:1E:E9:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91F006D/3C100C9298BE11EEB1DDE835C4F9AE02/Rvly17g9ygYdud-q8Bd_Ld8e6Qo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Rvly17g9ygYdud-q8Bd_Ld8e6Qo.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F006D/3C100C9298BE11EEB1DDE835C4F9AE02/4204EB5C98C011EE8589663CC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
36.50.74.0/23
IPv6:
2001:df3:43c0::/48
Signature Algorithm: sha256WithRSAEncryption
42:46:32:9e:be:2c:16:7b:f3:3f:4d:d3:48:92:e8:c7:26:67:
61:67:d0:41:f7:46:e2:a1:19:d9:f5:aa:3e:aa:c2:37:6d:5f:
66:44:8a:2a:8a:f9:5f:f6:83:7d:39:6e:5e:74:5a:d7:80:fd:
d8:c3:05:eb:aa:3e:7e:6a:28:cd:5d:70:02:41:c3:c1:e7:dc:
80:63:ad:16:d1:56:e7:d9:4a:16:1e:e2:20:51:77:2f:16:b2:
a6:ba:8f:dd:3d:19:bf:4b:79:6a:9c:96:87:88:f7:2c:03:7a:
dc:c0:a9:0c:fa:0d:d0:4d:1c:8d:a3:40:da:6a:49:6a:7c:55:
52:aa:9b:d9:03:e2:71:1f:56:61:fe:7e:c9:e9:7f:1f:e4:3d:
81:f6:0c:ac:91:aa:09:8b:e0:c2:86:f9:c8:69:ac:76:b6:83:
02:00:0a:99:06:c5:2a:73:9a:a5:3f:30:59:0c:0b:15:7f:38:
b7:65:6d:09:e7:bf:58:4b:70:78:d5:85:2e:7b:68:54:c6:d8:
d3:43:e3:70:de:d3:d5:5a:41:be:78:9e:20:fc:2d:8f:20:71:
bf:9c:6b:c2:ba:1f:9a:0c:fc:a5:49:8c:19:62:d1:b8:ab:7d:
b3:51:c7:7b:3b:db:bd:83:1b:f2:e0:7b:55:bf:ec:41:32:fe:
a6:9d:ee:ab
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIBBjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFG
MDA2RDExMC8GA1UEBRMoNDZGOTcyRDdCODNEQ0EwNjFEQjlERkFBRjAxNzdGMkRE
RjFFRTkwQTAeFw0yMzEyMTIwNzM2MThaFw0yNTAzMDIwMDAwMDBaMBgxFjAUBgNV
BAMTDTY1NzgwZDcyLTk3ZDUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDOoAtqReS3kxujdVpb8V1A4tPECt02ivj/c03mEjolM2T0+Z8FzPuV40EG2p8H
c5fA/G5LAR6r3EuUL1l+5ng2NrP96IFA3KIE3Zm2eFGuXuN2jCvrk/PWt2wHlpnP
0qQdK6P1kWmJlhs/4TL1gZe4MvgUzIde6h3IylPt33FvH/hm6qdV+Q6xrdDtcM+3
tDZtRLIp3bdkXWC2nkD5yH/K5bWh5zColeJ2VRU9lVE+Rn5ByRSGQw3S6dNrKu4b
alLyFqOQLng5FajOdGIL3XugFL2LcfO/tK7nAynfPgm666DPEqZyCmJ224gyu8KD
OZeSTEVyFHDJQl567mErcF+vAgMBAAGjggKmMIICojAdBgNVHQ4EFgQUwtgukfyi
8vT4q8XDHoSInBtP7e4wHwYDVR0jBBgwFoAURvly17g9ygYdud+q8Bd/Ld8e6Qow
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUYwMDZELzNDMTAwQzkyOThC
RTExRUVCMURERTgzNUM0RjlBRTAyL1J2bHkxN2c5eWdZZHVkLXE4QmRfTGQ4ZTZR
by5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvUnZseTE3Zzl5Z1lkdWQtcThCZF9MZDhlNlFvLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG
MDA2RC8zQzEwMEM5Mjk4QkUxMUVFQjFEREU4MzVDNEY5QUUwMi80MjA0RUI1Qzk4
QzAxMUVFODU4OTY2M0NDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAwBggrBgEFBQcBBwEB/wQh
MB8wDAQCAAEwBgMEASQySjAPBAIAAjAJAwcAIAEN80PAMA0GCSqGSIb3DQEBCwUA
A4IBAQBCRjKeviwWe/M/TdNIkujHJmdhZ9BB90bioRnZ9ao+qsI3bV9mRIoqivlf
9oN9OW5edFrXgP3YwwXrqj5+aijNXXACQcPB59yAY60W0Vbn2UoWHuIgUXcvFrKm
uo/dPRm/S3lqnJaHiPcsA3rcwKkM+g3QTRyNo0DaaklqfFVSqpvZA+JxH1Zh/n7J
6X8f5D2B9gyskaoJi+DChvnIaax2toMCAAqZBsUqc5qlPzBZDAsVfzi3ZW0J579Y
S3B41YUue2hUxtjTQ+Nw3tPVWkG+eJ4g/C2PIHG/nGvCuh+aDPylSYwZYtG4q32z
Ucd7O9u9gxvy4HtVv+xBMv6mne6r
-----END CERTIFICATE-----
Generated at Sat Apr 26 14:18:48 2025 by rpki-client